Policy as Code (PaC) is transforming platform engineering by embedding security, compliance, and governance directly into developer workflows. It empowers developers with faster feedback, enables secure self-service, ensures consistent environments, and automates policy enforcement—boosting efficiency and scalability. By shifting policy management to code, teams gain transparency, reduce errors, and streamline compliance, paving the way for more secure, scalable, and developer-friendly platforms. The future of internal developer platforms is Policy as Code.

Kyverno is quickly becoming the preferred choice for Kubernetes policy management, offering a Kubernetes-native, YAML-based alternative to OPA/Gatekeeper. With features like intuitive policy writing, built-in resource generation, mutation, policy exceptions, and retroactive enforcement, Kyverno simplifies governance and security in Kubernetes environments. Learn why DevOps and platform teams are making the switch.

Many teams rely on “skeleton pipelines” that get code to production but haven’t been improved in months—or ever. This article urges software teams to treat their delivery pipelines as critical, evolving parts of their product. It highlights the importance of ownership, accountability, and continuous improvement in the software delivery process to avoid bottlenecks, reduce deployment pain, and enable faster, more reliable releases.

At Octopus, we've distilled years of deployment experience into the 10 Pillars of Pragmatic Deployments — a flexible, experience-driven framework to help teams build reliable, repeatable, and user-friendly software deployments. From understanding repeatable and verifiable deployments to achieving seamless cutovers with smart strategies like rolling updates and canary deployments, this guide walks you through modern deployment best practices that work in the real world — not just in theory.

Uncover the pivotal role of PostgreSQL's extensions ecosystem, its historical context, and why it remains indispensable for modern data needs, including AI and analytics. Dive into key extensions like TimescaleDB, PostGIS, and pgvector, and learn how a managed service, like Aiven, mitigates risks and enhances reliability.

DevOps brought developers and operations together to improve software delivery speed and reliability. Now, Platform Engineering builds on that foundation—enabling development teams with self-service tools, golden pathways, and smoother workflows. This article explores how Platform Engineering complements DevOps, supports scale without sacrificing autonomy, and helps high-performing teams reduce complexity while boosting productivity.

Automatic rollbacks might sound like a safe fallback for failed deployments, but modern software delivery tells a different story. This article explores why human-driven resilience, Continuous Delivery, and progressive delivery strategies are far more effective. Learn how deploying in small batches, using canary or blue/green strategies, and leveraging feature flags can help you respond smarter—and faster—when things go wrong.

Stack Overflow adopted Octopus Deploy to streamline and scale its enterprise software delivery using tenanted deployments, automation, and Configuration as Code. By integrating application code, build, and deployment processes in a single GitHub repo, the team improved CI/CD efficiency, enabled better collaboration through pull requests, and reduced deployment times across multiple customers. Octopus's Azure support, API flexibility, and excellent customer service empowered Stack Overflow to standardize and mature its DevOps practices.

Uncover the critical security risks of running Ruby on Rails in development mode on a live server, from exposing internal workings and sensitive information to increasing the risk of remote code execution and DoS attacks. Learn practical steps to safeguard your application and prevent these vulnerabilities.

Given the surge in web application data breaches, learn how to effectively store and secure sensitive data in your web applications. This article explores critical data types, client-side and server-side storage mechanisms, common OWASP Top 10 vulnerabilities, and essential protective measures like robust authentication, access control, and encryption strategies.

Guestline transformed a 20-year-old manual deployment process for its EPOS software by adopting Octopus Deploy. With Octopus Cloud and tenanted deployments, Guestline automated updates to over 800 hotel customers, saving thousands of hours and significantly improving consistency and speed. The team now delivers updates twice a month, enhancing customer experience and enabling faster cloud adoption across its global footprint.

Recruit Wizard transformed its software delivery by adopting Octopus Deploy for full deployment automation across Kubernetes and virtual machines. Moving from quarterly to daily deployments, the team now uses Config as Code and Runbooks to streamline releases, reduce errors, and empower non-engineering staff to run operational tasks independently. With Octopus Cloud, they’ve modernized and scaled their deployments while staying focused on growth and innovation in recruitment software.